Splunk Akamai API

RahulMisra1

Hi ,

I am trying to achieve an automation whereon i will be running a query and then passing the IP's which i need to send to akamai via POST API. I know, edgegridauth library can be used to achieve the same but got stuck on how the action would be configured . Can someone help.

deepakc

In Splunk you need to configure alert actions, as you can see many come out of the box for your use case, you have a few options that you can explore.

1. Use this Add-on - it may help with some config/testing so needs to be installed - https://splunkbase.splunk.com/app/5520
2. Develop your own Action - https://dev.splunk.com/enterprise/docs/devtools/customalertactions/

RahulMisra1

Thanks! This help me to move forward, just one thing if you can help. I have all done all, just not sure on what should i be putting on html (https://dev.splunk.com/enterprise/docs/devtools/customalertactions/createuicaa/) so that i can pass the IP to Akamai API.

deepakc

Have a look at this example it may help, other than that work through the documentation

splunk-app-examples/custom_alert_actions/slack_alerts/default/data/ui/alerts/slack.html at master · ...

RahulMisra1

I had a look at that one but i am not really an expert so couldn’t get much idea there.

Like Where would be my api credentials reaide and how do i call the api from custom alert action?

deepakc

As your not an expert then it might be better for you to explore Splunks Add-on builder which will have options to create what you need and with credentials, have a look at the below as it may help.

https://docs.splunk.com/Documentation/AddonBuilder/4.2.0/UserGuide/CreateAlertActions

https://docs.splunk.com/Documentation/AddonBuilder/4.2.0/UserGuide/ConfigureDataCollection

Splunk Akamai API

other

Index This | I’m short for "configuration file.” What am I?

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Your Guide to SPL2 at .conf24!